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METHOD AND SYSTEM FOR PROCESSING FAULT HYPOTHESES 

5 Cross -Reference to Related Application : 

This application is a continuation, under* 35 U.S.C. § 120, of 
copending international application No. PCT/EP02/10705 , filed 
September 24, 2002, which designated the United States; this 
application also claims the priority, under 35 U.S.C. § 119, 
10 of German patent application No. 101 46 901.2, filed September 
24, 2001; the prior applications are herewith incorporated by 
reference in their entirety. 

Background of the Invention : 

15 Field of the Invention : 

The invention relates to a method and a system for determining 
fault causes and for verification of them in the course of a 
model-based fault cause analysis. The invention is suitable 
for assisting in fault cause analysis in the case of a fault 

20 event in a technical installation, or in a technical process 
which is carried out by the technical installation. 

Model -based fault cause analysis is described, for example, in 
the reference by G. Vollmar, R. Milanovic, J. Kallela, titled 
25 "Model -Based Root Cause Analysis", Conference proceedings, 
2001 Machinery Reliability Conference, April 2-4, Phoenix 
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Arizona, published by RELIABILITY Magazine, c/o Industrial 
Communications, Inc. 1704 Natalie Nehs , Dr. Knoxville, TN 
37931 USA. When a fault occurs, the method provides a fault 
analyst with information in such a way that he can find the 
5 fault cause quickly and specifically. To do this, the fault 
analyst requires a computer which is equipped with a web 
browser and which can access the fault cause analysis models 
via an Internet link. A fault model is a hierarchical, tree- 
like structure. The uppermost level contains the fault event. 

10 The levels below this contain nodes which each represent 
hypotheses. These nodes are linked to one another like a 
tree. Each node has a checklist, which can be used to verify 
or negate hypotheses. A checklist is composed of a number of 
checklist items. The checklist items give instructions as to 

15 what information the analyst needs and how he must process it 
in order to verify the hypothesis. When searching for a 
malfunction in an installation, the fault analyst navigates 
from node to node and checks his installation on the basis of 
the attached checklists. If he accepts a hypothesis in this 

2 0 way, he navigates to the fault model on which it is based and 
to the fault that has led to the malfunction in his 
installation . 



However, the processing of the checklist items for 
25 verification of fault hypotheses may be highly complex. All 

the valid data must be gathered and processed. The data which 
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has to be used for processing is often no longer available or 
can be obtained only with difficulty and in a time-consuming 
manner. Quite often, the data must be processed further by 
use of complex mathematical functions in order to produce 
5 valid information. Problems occur in particular when the time 
required to do this is very long, or, when no specialist is 
available for this task . 

Control systems and databases which store signals with a time 
10 reference in principle have data that can be used for 

verification of hypotheses. There are also software programs, 
which can compress and process this data to form higher- 
quality information. However, the known procedure for fault 
cause analysis is still subj ect to the significant 
15 disadvantage that the information from control systems and 
their databases is not automatically made accessible to 
systems for fault cause analysis, so that this does not allow 
computer-aided verification of hypotheses, either. 

2 0 Summary of the Invention : 

It is accordingly an object of the invention to provide a 
method and a system for processing fault hypotheses which 
overcome the above-mentioned disadvantages of the prior art 
methods and devices of this general type, which automates the 

25 fault hypothesis analysis . 
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With the foregoing and other objects in view there is 
provided, in accordance with the invention, a method for the 
automated processing of fault hypotheses in a course of a 
fault cause analysis in a case of a fault event in a technical 
5 installation. The method includes providing a data processing 
system that uses knowledge -based models for the fault cause 
analysis and physical models of installation functions and 
processes carried out by the technical installation. The data 
processing system has a first unit for calculating and storing 

10 installation and process states and the first unit has access 
to the physical models and to data relating to the technical 
installation stored in a data server. The data processing 
system further has a second unit for hypothesis processing and 
an input/output device. A user of the data processing system 

15 determines an existence of a fault hypothesis. The second 
unit is used for accessing results of .a calculation of the 
installation and process states and for accessing a checklist 
of the knowledge -based models for automatically verifying the 
fault hypothesis on a basis of conditions associated with 

20 checklist items in the checklist. A verification result is 
entered for each checklist item in a result list, and the 
result list is output. 

The invention accordingly relates to a method and a system for 
25 determining fault causes and for verifying them in the course 
of a fault cause analysis, including computer-aided processing 
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of checklist items on the basis of physical models for 
verification of hypotheses. The method and the system are 
suitable for assisting in the search for fault causes when 
fault events occur in industrial installations. 

5 

On-line data from industrial information technology, that is 
to say from a control system or planning system for example, 
is in this case converted by physical models to higher-quality 
information for fault cause analysis in real time. The 

10 physical models therefore provide the information that is 
required for processing checklist items. Ideally, all the 
checklist items can be processed automatically by physical 
models, thus verifying a predetermined fault hypothesis. 
Results achieved in this way are expediently passed via an XML 

15 interface to a system for fault cause analysis. During the 

processing of a fault tree, the hypotheses and checklist items 
that have already been processed by the models are signaled to 
a fault analyst. 

2 0 With the foregoing and other objects in view there is 

provided, in accordance with the invention, a system for the 
automated processing of fault hypotheses in a course of a 
fault cause analysis in a case of a fault event in a technical 
installation. The system includes a data server storing data 

25 relating to the technical installation, and a data processing 
system processing knowledge -based models for the fault cause 
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analysis and physical models of technical installation 
functions and processes which can be carried out by the 
technical installation. The data processing system contains a 
first unit for calculating and storing installation and 
5 process states. The first unit has access to the physical 
models and to the data stored in the data server for the 
technical installation. A second unit for hypothesis 
processing, and an input /output device connected to the second 
unit, are provided. 

10 

In accordance with an added feature of the invention, the data 
processing system is configured such that once a user has 
predetermined a fault hypothesis, the second unit accesses 
results of a calculation of the installation and process 
15 states and accesses a checklist of the knowledge -based models 
to automatically verify the fault hypothesis on a basis of 
conditions which are associated with checklist items in the 
checklist, enters the verification result for each checklist 
item in a result list, and outputs the result list. 

20 

Other features which are considered as characteristic for the 
invention are set forth in the appended claims. 



Although the invention is illustrated and described herein as 
25 embodied in a method and a system for processing fault 

hypotheses, it is nevertheless not intended to be limited to 
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the details shown, since various modifications and structural 
changes may be made therein without departing from the spirit 
of the invention and within the scope and range of equivalents 
of the claims. 

5 

The construction and method of operation of the invention, 
however, together with additional objects and advantages 
thereof will be best understood from the following description 
of specific embodiments when read in connection with the 
10 accompanying drawings. 

Brief Description of the Drawings : 

Fig. 1 is a block diagram of' a system for automatically 
processing a fault hypothesis according to the invention; 

15 

Fig. 2 is a flow diagram showing a method for automatic 
processing of fault hypotheses; 

Fig. 3 is an illustration of a physical model of a process; 

20 

Fig. 4 is an illustration showing a fundamental description of 
a fault model; 

Fig. 5 is a block diagram of a structure of a fault tree; 

25 
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Fig. 6 is a block diagram of the processing of a fault 
hypothesis of the power supply being too high; and 

Fig. 7 is a block diagram showing an automatically verified 
5 checklist. 

Description of the- Preferred Embodiments : 

Referring now to the figures of the drawing in detail and 
first, particularly, to Fig. 1 thereof, there is shown a 
10 system 1 for the automatic processing of fault hypotheses with 
the aid of physical models. The system contains an 
input/output device 10, a hypothesis processing device 20 and 
a data memory 30. 

The input/output device 10 contains a model browser 11, by 
which a fault analyst can process knowledge -based models 33 
which are based on fault trees and are referred to as root 
cause analysis (RCA) models. In particular, this allows a 
fault hypothesis to be predetermined, which can be verified 
automatically by the system. 

The hypothesis processing device 20 contains a processing 
device 21, which is referred to as a model engine, for 
physical models 31 and a hypothesis processor 22, which is 
25 referred to in Fig. 1 as the RCA model navigator 22. The 

processing device 21 cyclically accesses process data provided 
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from a data server 40, calculates installation and process 
states after predetermining a physical model 31, and stores 
the result in a data memory area for calculation results 32. 
While processing a hypothesis, the hypothesis processor 22 
5 accesses the calculation results 32, as well as checklists for 
the knowledge -based models 33. 

The data memory 3 0 contains memory areas with files in which 
the physical models 31 and the knowledge -based models 33 are 
10 stored, and in which the calculation results 32 are stored. 

Fig. 2 shows the method for automatic processing of fault 
hypotheses with the aid of the physical models that are 
illustrated in general form in Fig. 1 and in the form of an 

15 example in Fig. 3. The fault analyst first navigates to a 

fault hypothesis in order to start the method. In method step 
100, the hypothesis processor 22 loads the calculation results 
32 which are required for verification of the hypothesis. In 
subsequent step 200, the hypothesis processor 22 also loads 

20 the checklist for the relevant hypothesis from the knowledge- 
based models 33. Fig. 6 shows one example of a checklist such 
as this. In step 300, the hypothesis processor 22 compares 
the calculation results with the checklist items from the 
checklist. The checklist items for- which models are stored 

25 are in this case evaluated automatically. Each checklist item 
contains a condition for verification of the hypothesis. In 
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step 400, the hypothesis processor 22 identifies whether the 
checklist item does or does not satisfy the condition. As an 
example, Fig. 7 shows how a checklist is output after 
processing . 

5 

By way of example, Fig. 3 shows the physical model of a 
chemical process in a reactor. The model is indicated in the 
form of a differential equation. The model describes the 
process parameters in the fault-free state. Using a model 

10 such as this, a fault can be determined by comparison of the 
calculated parameter with the actually measured value. For 
example, the inlet and outlet temperatures of the cooling 
water may be calculated. If there is a discrepancy between 
the calculated outlet temperature and the measured value, an 

15 appropriate equation system may be used to deduce a measured 
value fault, taking account of specific boundary conditions. 
The differential equation that is indicated may be used, for 
example, to diagnose a temperature measurement error by T 0/ 
and a leakage by V. 

20 

Fig. 4 shows the fundamental description of a fault model as a 
knowledge -based model 33. The described uppermost level 
contains a process model with its process steps. Each process 
step may be subdivided into further process steps. Fault 
25 events and critical components are associated with each 

process step. Once again, fault trees with nodes exist for 
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this purpose. The nodes in a fault tree represent fault 
hypotheses. A verification checklist represents a major 
component of the content of a fault hypothesis. The contents 
of a hypothesis are described in more detail in Fig. 5. 

5 

Fig. 5 shows the structure of a fault tree. The model is 
hierarchical and, in its simplest version, contains two 
levels. The uppermost level represents the fault event. One 
fault event may be associated with a number of fault 

10 hypotheses. The logical relationship can be formulated as 
follows: one or more fault hypotheses may cause the fault 
event. The fault event and fault hypothesis have a similar 
content description. For deeper analysis, the fault 
hypothesis may refer to other fault models, that is to say a 

15 fault tree may be composed of a number of tree elements. The 
link is produced by the fault tree reference attribute. 

Fig. 6 shows, by way of example, how the system presents a 
user with the fault hypothesis "power supply too high" . A 

20 description of the fault hypothesis in this case explains the 
relationship between the fault and the possible cause. A 
localization process indicates the possible fault location; in 
the example, this is the reactor XY. The hypothesis is 
verified by processing a verification checklist. The tests 

25 "temperature measurement fault" and "leakage to the cooling 

I 

casing" may be verified automatically by a physical model. A I 
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fault tree reference allows access to an associated fault tree 
for deeper diagnosis relating to the diagnosis criterion 
"incorrect operating instructions" . 

5 By way of example, Fig. 7 shows how an automatically verified 
checklist is displayed. Diagnosis criteria that have already 
automatically been verified negatively are in this case 
displayed in italics. A positively verified diagnosis 
criterion is displayed in bold text and is emphasized by 
10 exclamation marks. Diagnosis criteria that are still to be 
tested are shown in bold text and with question marks. 
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